fix(auth): stop pre-filling login username on new devices
Remove username_hint from hub auth status API and disable autocomplete on hub and instance login forms. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -120,14 +120,14 @@
|
||||
<div class="flash">{{ messages[0] }}</div>
|
||||
{% endif %}
|
||||
{% endwith %}
|
||||
<form method="POST">
|
||||
<form method="POST" autocomplete="off">
|
||||
<div class="form-group">
|
||||
<label>账号</label>
|
||||
<input type="text" name="username" required placeholder="请输入账号">
|
||||
<input type="text" name="username" required placeholder="请输入账号" autocomplete="off" autocapitalize="off" spellcheck="false">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>密码</label>
|
||||
<input type="password" name="password" required placeholder="请输入密码">
|
||||
<input type="password" name="password" required placeholder="请输入密码" autocomplete="new-password">
|
||||
</div>
|
||||
<button type="submit">登录</button>
|
||||
</form>
|
||||
|
||||
@@ -120,14 +120,14 @@
|
||||
<div class="flash">{{ messages[0] }}</div>
|
||||
{% endif %}
|
||||
{% endwith %}
|
||||
<form method="POST">
|
||||
<form method="POST" autocomplete="off">
|
||||
<div class="form-group">
|
||||
<label>账号</label>
|
||||
<input type="text" name="username" required placeholder="请输入账号">
|
||||
<input type="text" name="username" required placeholder="请输入账号" autocomplete="off" autocapitalize="off" spellcheck="false">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>密码</label>
|
||||
<input type="password" name="password" required placeholder="请输入密码">
|
||||
<input type="password" name="password" required placeholder="请输入密码" autocomplete="new-password">
|
||||
</div>
|
||||
<button type="submit">登录</button>
|
||||
</form>
|
||||
|
||||
@@ -120,14 +120,14 @@
|
||||
<div class="flash">{{ messages[0] }}</div>
|
||||
{% endif %}
|
||||
{% endwith %}
|
||||
<form method="POST">
|
||||
<form method="POST" autocomplete="off">
|
||||
<div class="form-group">
|
||||
<label>账号</label>
|
||||
<input type="text" name="username" required placeholder="请输入账号">
|
||||
<input type="text" name="username" required placeholder="请输入账号" autocomplete="off" autocapitalize="off" spellcheck="false">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>密码</label>
|
||||
<input type="password" name="password" required placeholder="请输入密码">
|
||||
<input type="password" name="password" required placeholder="请输入密码" autocomplete="new-password">
|
||||
</div>
|
||||
<button type="submit">登录</button>
|
||||
</form>
|
||||
|
||||
@@ -109,14 +109,14 @@
|
||||
<div class="flash">{{ messages[0] }}</div>
|
||||
{% endif %}
|
||||
{% endwith %}
|
||||
<form method="POST">
|
||||
<form method="POST" autocomplete="off">
|
||||
<div class="form-group">
|
||||
<label>账号</label>
|
||||
<input type="text" name="username" required placeholder="请输入账号">
|
||||
<input type="text" name="username" required placeholder="请输入账号" autocomplete="off" autocapitalize="off" spellcheck="false">
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>密码</label>
|
||||
<input type="password" name="password" required placeholder="请输入密码">
|
||||
<input type="password" name="password" required placeholder="请输入密码" autocomplete="new-password">
|
||||
</div>
|
||||
<button type="submit">登录</button>
|
||||
</form>
|
||||
|
||||
@@ -613,7 +613,6 @@ def api_auth_status(request: Request):
|
||||
return {
|
||||
"required": required,
|
||||
"logged_in": logged_in,
|
||||
"username_hint": expected_username() if required else None,
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -38,14 +38,14 @@
|
||||
<div class="login-sub">CRYPTO MONITOR · COMMAND</div>
|
||||
</div>
|
||||
</div>
|
||||
<form id="login-form" class="login-form" autocomplete="on">
|
||||
<form id="login-form" class="login-form" autocomplete="off">
|
||||
<label class="field">
|
||||
<span>用户名</span>
|
||||
<input type="text" name="username" id="login-username" required autocomplete="username" />
|
||||
<input type="text" name="username" id="login-username" required autocomplete="off" autocapitalize="off" spellcheck="false" />
|
||||
</label>
|
||||
<label class="field">
|
||||
<span>密码</span>
|
||||
<input type="password" name="password" id="login-password" required autocomplete="current-password" />
|
||||
<input type="password" name="password" id="login-password" required autocomplete="new-password" />
|
||||
</label>
|
||||
<button type="submit" class="primary login-submit" id="login-submit">进入系统</button>
|
||||
<p id="login-err" class="login-err" hidden></p>
|
||||
@@ -113,7 +113,6 @@
|
||||
.then((r) => r.json())
|
||||
.then((s) => {
|
||||
if (!s.required || s.logged_in) gotoAfterLogin(null, next);
|
||||
if (s.username_hint && !userInput.value) userInput.value = s.username_hint;
|
||||
})
|
||||
.catch(() => {});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user